db8151dd: sensitive data of 22.8 million users online. It is not known where they come from

The security researcher Troy Hunt, the manager of the Have I Been Pwned site where it meticulously collects the email addresses present within data breaches over the web over time, has communicated that it has just finished uploading a list of over 22 million entries belonging to a data breach known by the codename "db8151dd". The most sinister aspect of the story is the total lack of clues that can trace the origin of the violation.

It all started last February, when Hunt started investigating a "huge collection" of data that remained accessible on the servers of one of the main cloud service providers (Hunt does not specify who it is) and containing over 103 millions of lines. Hunt had already highlighted, through a Twitter post, the difficulty of identifying elements that could help attribute this collection to a specific security incident.

Although inside the collection there were sensitive data of Hunt himself, thus allowing him to be able to initiate investigations more accurately, he was unable to find any useful information to determine the origin of the information. Hunt, however, managed to highlight particular elements: for example, he mentions the presence of his telephone number in the collection, when he himself claims it is a detail that he does not share publicly, or he still observes that his record is found, at inside the collection, immediately adjacent to a person with whom he interacted in the past. But beyond these details, the darkness.

Over the course of these three months, Hunt has continued his investigation, trying to take different paths, but without success. Hunt reported that he has finished updating his Have I Been Pwned site with over 22.8 million email addresses found in collection "db8151dd".

His commentary on the rather laconic affair: "There is nothing that I or you can do, besides being more aware than ever of how far our information spreads without our consent and without knowing it".